this post was submitted on 10 Jul 2025
314 points (98.5% liked)

[–] plz1@lemmy.world 23 points 3 days ago (6 children)

I don't understand why cell phones don't authenticate the towers they connect to. Is this really just a "standards lag behind modern security" thing, or is it on purpose to allow these Stingray devices to be used?

[–] einkorn@feddit.org 18 points 3 days ago (1 children)

I assume it's the same as the Internet (or more specifically HTTP): It wasn't designed with security in mind.

Unlike HTTP, for some reason it wasn't included in a new specification, though. My guess is that's because of the more centralized nature of cellular networks. The barrier for entry is a lot higher as well so there are few but big players who have little incentive to improve over the bare minimum.

IIRC encryption was initially proposed to be part of 5G but got shot down in the process.

[–] theshatterstone54@feddit.uk 2 points 3 days ago* (last edited 3 days ago) (1 children)

Wait, 5G isn't encrypted? I think it does have some protections still. I mean, not that it would matter to me, they only use NR-NSA in my country so it isn't even full 5G with all its advantages.

At the risk of sounding like an AI-generated ad, I use an app called Privacy Cell on F-Droid, that confirmed there is no true 5G anywhere in my country. I just wish there was a way to differentiate between the two versions of 5G natively, kinda like 4G-LTE showing up as LTE instead of just 4G.

[–] mkwt@lemmy.world 4 points 3 days ago

Encrypted data channels can still be vulnerable to man in the middle attacks. Like when you connect to an unknown host with SSH, and the client pops up a big warning.

In this case, ICE or whomever sets up a "valid" cell tower that your phone connects to, and they (law enforcement) route your packets onto the rest of the Internet. They can decrypt the 5G data, and see all of the IP headers. They can't necessarily read the TLS traffic, such as https. But most important of all, they can log all of the IMEIs that connect, which effectively gives them a database of all of the protestors.

[–] utopiah@lemmy.ml 7 points 3 days ago* (last edited 3 days ago) (1 children)

why cell phones don’t authenticate the towers they connect to.

I believe it's because they assume it's not necessary because it was until now

  • prohibitively expensive, but now a "tower" is less than 2k EUR e.g. https://www.crowdsupply.com/ukama/ukama
  • prohibitively complex, see above, namely you don't need to be a TelCo engineer to get it going
  • probably illegal, namely you needed (and I bet still need in most places) wireless band allocation before you could deploy anything

... so I imagine there was no authentication because there was no practical threat besides a few "fun" examples at CCC or DEF CON.

[–] mkwt@lemmy.world 4 points 3 days ago

The use of Stingray by US law enforcement has been challenged on grounds that the law enforcement agencies have no spectrum license. Those challenges seem not to have found success.

On the other hand, prisons in the US have been stopped from operating cell phone jammers on prison grounds, on the same complaint of no spectrum license.

[–] user224@lemmy.sdf.org 6 points 3 days ago

I don't know the specific methods, but 3G, 4G and 5G do authenticate bidirectionally, just 2G doesn't, partially why Android now has a "Disable 2G" toggle.
Also probably why they said they can downgrade you to 2G to intercept communication.

What's happening here is probably similar to anyone being able to send a Wi-Fi deauthentication frame to your device to disconnect you. Unless you're using WPA3.
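
A toy model of the one-way versus bidirectional authentication mentioned in the comment above, added here as an example and not part of any commenter's post. The names `Sim`, `HomeNetwork` and `prf` are hypothetical, HMAC-SHA256 stands in for the real SIM algorithms, and the network's token is simplified to a sequence number plus a MAC.

```python
import hashlib
import hmac
import os

def prf(key, label, *parts):
    # Stand-in (assumption) for the SIM's real authentication functions.
    msg = label + b"".join(parts)
    return hmac.new(key, msg, hashlib.sha256).digest()[:8]

class Sim:
    def __init__(self, k):
        self.k = k
        self.highest_sqn = 0  # last sequence number accepted

    def attach_2g(self, rand):
        # One-way: answers any challenge; the tower never proves it knows K.
        return prf(self.k, b"sres", rand)

    def attach_aka(self, rand, sqn, mac):
        # Mutual: check the network's MAC and freshness before answering.
        expected = prf(self.k, b"mac", sqn.to_bytes(6, "big"), rand)
        if not hmac.compare_digest(mac, expected):
            return None  # sender does not hold K
        if sqn <= self.highest_sqn:
            return None  # replayed authentication vector
        self.highest_sqn = sqn
        return prf(self.k, b"res", rand)

class HomeNetwork:
    def __init__(self, k):
        self.k, self.sqn = k, 0

    def vector(self):
        self.sqn += 1
        rand = os.urandom(16)
        mac = prf(self.k, b"mac", self.sqn.to_bytes(6, "big"), rand)
        return rand, self.sqn, mac

def demo():
    k = os.urandom(16)  # constructed key shared by SIM and home network
    sim, home = Sim(k), HomeNetwork(k)
    rand = os.urandom(16)  # challenge from a tower that lacks K
    vec = home.vector()
    return {
        "2g_unknown_tower": sim.attach_2g(rand) is not None,
        "aka_unknown_tower": sim.attach_aka(rand, 1, os.urandom(8)) is not None,
        "aka_home_network": sim.attach_aka(*vec) is not None,
        "aka_replayed_vector": sim.attach_aka(*vec) is not None,
    }
```

In this model only the 2G-style attach answers a tower that does not hold the subscriber key, which is the gap a "Disable 2G" setting closes.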

[–] lauha@lemmy.world 7 points 3 days ago

Even if they did, I don't see government having trouble getting a proper authentication key.

[–] fluffykittycat@slrpnk.net 4 points 3 days ago

I assume on purpose

[–] eleitl@lemmy.zip 2 points 3 days ago (1 children)

IMEI/IMSI are collected (and immediately linked, hence deanonymized even if SIM was inserted only once) by cell tower operators. Just don't bring your device, period.

[–] plz1@lemmy.world 1 points 3 days ago (1 children)

Yeah, I agree with that personally, but realistically, "your phone was near a place" is not the same as "you were involved". If they hijack a phone onto a Stingray, they can get way more info than just IMEI.

[–] eleitl@lemmy.zip 2 points 2 days ago

Think long term movement patterns, correlations with others such, anomaly detection.